fusee/sept: support for dev key generation

fusee/fusee-secondary/Makefile

@@ -100,7 +100,7 @@ KIPFILES 	:=	loader.kip pm.kip sm.kip ams_mitm.kip spl.kip boot.kip
 BINFILES	:=	$(foreach dir,$(DATA),$(notdir $(wildcard $(dir)/*.*))) fusee-primary.bin \
 				exosphere.bin lp0fw.bin rebootstub.bin thermosphere.bin splash_screen.bmp \
 				sept-primary.bin sept-secondary_00.enc sept-secondary_01.enc emummc.kip \
-				kernel_ldr.bin $(KIPFILES)
+				sept-secondary_dev00.enc sept-secondary_dev01.enc kernel_ldr.bin $(KIPFILES)
 
 #---------------------------------------------------------------------------------
 # use CXX for linking C++ projects, CC for standard C

fusee/fusee-secondary/src/nxboot.c

@@ -607,11 +607,21 @@ uint32_t nxboot_main(void) {
         }
 
         if (tsec_fw_size == 0x3000) {
-            sept_secondary_enc = sept_secondary_00_enc;
-            sept_secondary_enc_size = sept_secondary_00_enc_size;
+            if (!fuse_get_retail_type()) {
+                sept_secondary_enc = sept_secondary_dev00_enc;
+                sept_secondary_enc_size = sept_secondary_dev00_enc_size;
+            } else {
+                sept_secondary_enc = sept_secondary_00_enc;
+                sept_secondary_enc_size = sept_secondary_00_enc_size;
+            }
         } else if (tsec_fw_size == 0x3300) {
-            sept_secondary_enc = sept_secondary_01_enc;
-            sept_secondary_enc_size = sept_secondary_01_enc_size;
+            if (!fuse_get_retail_type()) {
+                sept_secondary_enc = sept_secondary_dev01_enc;
+                sept_secondary_enc_size = sept_secondary_dev01_enc_size;
+            } else {
+                sept_secondary_enc = sept_secondary_01_enc;
+                sept_secondary_enc_size = sept_secondary_01_enc_size;
+            }
         } else {
             fatal_error("[NXBOOT] Unable to identify sept revision to run.");
         }

sept/sept-secondary/KEYS_template.py

@@ -10,11 +10,29 @@ HOVI_SIG_KEY_PRD  = [
     bytearray.fromhex('00000000000000000000000000000000'),
 ]
 
+HOVI_ENC_KEY_DEV = [
+    bytearray.fromhex('00000000000000000000000000000000'),
+    bytearray.fromhex('00000000000000000000000000000000'),
+]
+
+HOVI_SIG_KEY_DEV  = [
+    bytearray.fromhex('00000000000000000000000000000000'),
+    bytearray.fromhex('00000000000000000000000000000000'),
+]
+
 IV = [
     bytearray.fromhex('00000000000000000000000000000000'),
     bytearray.fromhex('00000000000000000000000000000000'),
 ]
 
+IV_DEV = [
+    bytearray.fromhex('00000000000000000000000000000000'),
+    bytearray.fromhex('00000000000000000000000000000000'),
+]
+
 assert len(HOVI_ENC_KEY_PRD) == NUM_KEYS
 assert len(HOVI_SIG_KEY_PRD) == NUM_KEYS
-assert len(IV) == NUM_KEYS
+assert len(HOVI_ENC_KEY_DEV) == NUM_KEYS
+assert len(HOVI_SIG_KEY_DEV) == NUM_KEYS
+assert len(IV) == NUM_KEYS
+assert len(IV_DEV) == NUM_KEYS

sept/sept-secondary/sept_sign.py

@@ -71,11 +71,12 @@ def main(argc, argv):
         code = f.read()
     if len(code) & 0xF:
         code = code + bytearray(0x10 - (len(code) & 0xF))
-    # TODO: Support dev unit crypto
     fn, fext = os.path.splitext(argv[2])
     for key in range(KEYS.NUM_KEYS):
         with open(fn + ('_%02X' % key) + fext, 'wb') as f:
             f.write(sign_encrypt_code(code, KEYS.HOVI_SIG_KEY_PRD[key], KEYS.HOVI_ENC_KEY_PRD[key], KEYS.IV[key], b'THANKS_NVIDIA_<3', key))
+        with open(fn + ('_dev%02X' % key) + fext, 'wb') as f:
+            f.write(sign_encrypt_code(code, KEYS.HOVI_SIG_KEY_DEV[key], KEYS.HOVI_ENC_KEY_DEV[key], KEYS.IV_DEV[key], b'THANKS_NVIDIA_<3', key))
     return 0